class Admin::PaymentsController < ApplicationController
  before_filter :check_admin_authorization
  layout "admin"
  
  # GET /payments
  # GET /payments.xml
  def index
    @payments = Payment.find(:all)

    respond_to do |format|
      format.html # index.rhtml
      format.xml  { render :xml => @payments.to_xml }
    end
  end

  # GET /payments/1
  # GET /payments/1.xml
  def show
    @payment = Payment.find(params[:id])

    respond_to do |format|
      format.html # show.rhtml
      format.xml  { render :xml => @payment.to_xml }
    end
  end

  # GET /payments/new
  def new
    @payment = Payment.new
  end

  # GET /payments/1;edit
  def edit
    @payment = Payment.find(params[:id])
  end

  # POST /payments
  # POST /payments.xml
  def create
    @payment = Payment.new(params[:payment])
    
       

    respond_to do |format|
      if @payment.save
        flash[:notice] = 'Payment was successfully created.'
        format.html { redirect_to payment_url(@payment) }
        format.xml  { head :created, :location => payment_url(@payment) }
      else
        format.html { render :action => "new" }
        format.xml  { render :xml => @payment.errors.to_xml }
      end
    end
  end
  def back
          string_to_hash=''
          string_to_hash << 'logistics_fee=10&logistics_payment=BUYER_PAY&logistics_type=EXPRESS&out_trade_no='
          string_to_hash << @order.id.to_s
          string_to_hash << '&partner='
          string_to_hash << @store.partnerID.to_s
          string_to_hash << '&payment_type=1&price='
          string_to_hash << @cart.total_price.to_s
          string_to_hash << '&quantity='
          string_to_hash << @cart.items.length.to_s
          string_to_hash << '&seller_email='
          string_to_hash << @store.zfb_account.to_s
          string_to_hash << '&service=trade_create_by_buyer&subject=www.I_meili.com'

          hashed_string=Digest::MD5.hexdigest(string_to_hash+@store.key)
          
          url = ''
          url << 'https://www.alipay.com/cooperate/gateway.do?'
          url << string_to_hash 
          url << '&sign='
          url << hashed_string
          url << '&sign_type=MD5'
          
          redirect_to(url)
  end

  # PUT /payments/1
  # PUT /payments/1.xml
  def update
    @payment = Payment.find(params[:id])

    respond_to do |format|
      if @payment.update_attributes(params[:payment])
        flash[:notice] = 'Payment was successfully updated.'
        format.html { redirect_to payment_url(@payment) }
        format.xml  { head :ok }
      else
        format.html { render :action => "edit" }
        format.xml  { render :xml => @payment.errors.to_xml }
      end
    end
  end

  # DELETE /payments/1
  # DELETE /payments/1.xml
  def destroy
    @payment = Payment.find(params[:id])
    @payment.destroy

    respond_to do |format|
      format.html { redirect_to payments_url }
      format.xml  { head :ok }
    end
  end
end
